[BreachExchange] Wasaga Distribution says it was victim to cyber attack

Destry Winant destry at riskbasedsecurity.com
Mon Aug 24 10:23:55 EDT 2020


https://www.simcoe.com/news-story/10143680-wasaga-distribution-says-it-was-victim-to-cyber-attack/

 Wasaga Beach’s local electricity distribution company says it was a
victim to computer hacking.

However, says a news release from the Wasaga Distribution Inc. chief
executive officer Keith McAllister, computer systems containing
personal data were not affected by a data breach that took place Aug.
17, and the information remains intact.

Customer access to account information through WDI’s customer-connect
portal was also not affected, and the system continued to be available
to customers.

In an interview, McAllister acknowledged the attack is similar to the
ransomware demand experienced by the Town of Wasaga Beach in 2018, in
that the attackers have asked for money in exchange for a decryption
key.

The utility is currently working with police.

“In terms of the electrical system itself, there is no issue with that
at all,” he said. “Our customer base is secure, and we don’t believe
they had any access to that.”

According to the release, the cyber security breach resulted in
restricted access to some of the company’s systems.

According to the release, a forensic evaluation and recovery plan was
implemented.

“While it will take a bit of time for all computer-based systems to be
restored from the back-up systems, the normal operation of the
electrical system was not affected,” the release stated.

“We apologize for any delays our customers may have experienced over
the last couple of days when they called into our office for
inquiries,” the release stated. “We are taking all necessary steps to
help prevent similar occurrences in the future.”

The Town of Wasaga Beach’s computer systems were hacked and held
‘hostage’ several weeks in 2018, after cyber criminals gained access
and demanded a ransom to release a decryption key.

The town ultimately paid a ransom of around $34,000, though the
ultimate cost in lost productivity, new servers, consulting fees, and
new security software was close to $250,000.

McAllister said the utility has a number of systems that reside in
local servers, and in the cloud; systems that reside in the cloud were
not affected, such as the customer service system that contains
information about customers and their electricity use.

“Our systems are fully backed up and those systems (in the cloud) were
not encrypted (by the hackers),” he said.“We are still in the process
of evaluating the full effect of the security breach and our ability
to recover.  Some of our main systems are up and running such as our
customer service interface.

“I believe we’re in pretty good shape. We have our teams working on
it, and I’m pleased with our people who have taken care of the systems
the way they are, and pleased with the external help we’ve brought in
to help us recover.”


More information about the BreachExchange mailing list